Hi there
During health check I do get the following 2 errors:
Quote***GOT REQUEST TO AUDIT HEALTH***
>>> Check installed kernel version
Version 20.7 is correct.
>>> Check for missing or altered kernel files
No problems detected.
>>> Check installed base version
Version 20.7 is correct.
>>> Check for missing or altered base files
Error 2 ocurred.
usr/share/openssl/man/mandoc.db:
size (231312, 253528)
sha256digest (0x02859ea6205c04af25369a659788f9eb7f2a02369b057a5a93b1845f9b3eb3bb, 0x52c633aa21cfcb4e912cb1161b808a2fd1e19f6b576183ea778e766220e59a31)
usr/share/man/mandoc.db:
size (2890200, 2952636)
sha256digest (0xbd2d82ad7b5d52e562733f504cc14a3a8308dfda944ca013c7c183e1f0a87aad, 0x0ad4645f12d7274e414c3a8e12e9ef5edff92e568ceb62744b9002d57038d647)
>>> Check for and install missing package dependencies
Checking all packages: .......... done
>>> Check for missing or altered package files
Checking all packages: .......... done
>>> Check for core packages consistency
Checking core packages: .................................................................... done
***DONE***
Any advice how to solve this ?
Help is very much appreciated.
Thanks
Urmel
I noticed that also.
If you look at the timestamp of the files, it's Saturday at 4:15am
When you look at /etc/crontab, at 4:15am on the 6th day (Saturday), "periodic weekly" runs
Why "periodic weekly" would modify the databases for the man pages of FreeBSD and OpenSSL, I don't know.
Could somebody enlighten us why "periodic weekly" modifies mandoc.db ?
Thanks
Hi,
This is a bit strange because (a) the periodic task would require to install new manual pages weekly (?!) and (b) the binary footprint of the database of a non-changing system is not the same for timestamp inclusion or something else.
Since this is only a database for "man" page lookups it's not relevant to security and we will hide these files from the audit output.
Cheers,
Franco
PS: responsible is the FreeBSD script /etc/periodic/weekly/320.whatis
Strange enough I get the same changed checksums here which would indicate that the build does something differently. We never deal directly with these files so who knows what's going on there that their output differs.
Just want to say I have the same issue, and reading this thread put me at ease a bit, as I was already planning for the worst. :)
My health check:
***GOT REQUEST TO AUDIT HEALTH***
>>> Check installed kernel version
Version 20.7 is correct.
>>> Check for missing or altered kernel files
No problems detected.
>>> Check installed base version
Version 20.7 is correct.
>>> Check for missing or altered base files
Error 2 ocurred.
usr/share/openssl/man/mandoc.db:
size (231312, 253528)
sha256digest (0x02859ea6205c04af25369a659788f9eb7f2a02369b057a5a93b1845f9b3eb3bb, 0x52c633aa21cfcb4e912cb1161b808a2fd1e19f6b576183ea778e766220e59a31)
usr/share/man/mandoc.db:
size (2890200, 2952636)
sha256digest (0xbd2d82ad7b5d52e562733f504cc14a3a8308dfda944ca013c7c183e1f0a87aad, 0x0ad4645f12d7274e414c3a8e12e9ef5edff92e568ceb62744b9002d57038d647)
>>> Check for and install missing package dependencies
Checking all packages: .......... done
>>> Check for missing or altered package files
Checking all packages: .......... done
>>> Check for core packages consistency
Checking core packages: .................................................................... done
***DONE***